added bypass for mega-enlace

taken from AdGuard bypass scripts

used in: pelisenhd.org latinomegahd.net gatonplayseries.com peliculasgd.net tododvdfull.com

Bypass_All_Shortlinks.meta.js

@@ -3,7 +3,7 @@
 // @namespace  Violentmonkey Scripts
 // @run-at     document-start
 // @author     Amm0ni4
-// @version        91.5.6
+// @version        91.5.7
 // @grant          GM_setValue
 // @grant          GM_getValue
 // @grant          GM_addStyle
@@ -741,6 +741,7 @@
 // @include     /(adclicker.(io|info)|(discoveryultrasecure|yourihollier).com)\/url\/\#/
 // @include     /tiktokcounter.net/
 // @include      /(loot-link.com|loot-links.com|lootlink.org|lootlinks.co|lootdest.(info|org|com)|links-loot.com|linksloot.net)\/s\?.*$/
+// @include     /mega-enlace.com/
 // @exclude /^(https?:\/\/)(.+)?((advertisingexcel|talkforfitness|rsadnetworkinfo|rsinsuranceinfo|rsfinanceinfo|rssoftwareinfo|rshostinginfo|rseducationinfo|gametechreviewer|vegan4k|phineypet|batmanfactor|techedifier|urlhives|linkhives|github|freeoseocheck|greenenez|aliyun|reddit|bing|yahoo|wiki-topia|edonmanor|vrtier|whatsapp|gearsadviser|edonmanor|tunebug|menrealitycalc|amazon|ebay|payoneer|paypal|skrill|stripe|tipalti|wise|discord|tokopedia|taobao|taboola|aliexpress|netflix|citigroup|spotify|bankofamerica|hsbc|(cloud|mail|translate|analytics|accounts|myaccount|contacts|clients6|developers|payments|pay|ogs|safety|wallet).google|(login|signup|account|officeapps|api|mail|hotmail).live).com|(thumb8|thumb9|crewbase|crewus|shinchu|shinbhu|ultraten|uniqueten|topcryptoz|allcryptoz|coinsvalue|cookinguide|cryptowidgets|webfreetools|carstopia|makeupguide|carsmania|nflximg|doubleclick).net|(linksfly|shortsfly|urlsfly|wefly|blog24).me|(greasyfork|openuserjs|adarima|telegram|wikipedia).org|mcrypto.club|misterio.ro|insurancegold.in|coinscap.info|(shopee|lazada|rakuten|maybank).*|(dana|ovo|bca.co|bri.co|bni.co|bankmandiri.co|desa|(.*).go).id|(.*).edu|(.*).gov)(\/.*)/
 // @downloadURL https://codeberg.org/Amm0ni4/bypass-all-shortlinks-debloated/raw/branch/main/Bypass_All_Shortlinks.user.js
 // @updateURL https://codeberg.org/Amm0ni4/bypass-all-shortlinks-debloated/raw/branch/main/Bypass_All_Shortlinks.meta.js

Bypass_All_Shortlinks.user.js

@@ -3,7 +3,7 @@
 // @namespace  Violentmonkey Scripts
 // @run-at     document-start
 // @author     Amm0ni4
-// @version        91.5.6
+// @version        91.5.7
 // @grant          GM_setValue
 // @grant          GM_getValue
 // @grant          GM_addStyle
@@ -741,6 +741,7 @@
 // @include     /(adclicker.(io|info)|(discoveryultrasecure|yourihollier).com)\/url\/\#/
 // @include     /tiktokcounter.net/
 // @include      /(loot-link.com|loot-links.com|lootlink.org|lootlinks.co|lootdest.(info|org|com)|links-loot.com|linksloot.net)\/s\?.*$/
+// @include     /mega-enlace.com/
 // @exclude /^(https?:\/\/)(.+)?((advertisingexcel|talkforfitness|rsadnetworkinfo|rsinsuranceinfo|rsfinanceinfo|rssoftwareinfo|rshostinginfo|rseducationinfo|gametechreviewer|vegan4k|phineypet|batmanfactor|techedifier|urlhives|linkhives|github|freeoseocheck|greenenez|aliyun|reddit|bing|yahoo|wiki-topia|edonmanor|vrtier|whatsapp|gearsadviser|edonmanor|tunebug|menrealitycalc|amazon|ebay|payoneer|paypal|skrill|stripe|tipalti|wise|discord|tokopedia|taobao|taboola|aliexpress|netflix|citigroup|spotify|bankofamerica|hsbc|(cloud|mail|translate|analytics|accounts|myaccount|contacts|clients6|developers|payments|pay|ogs|safety|wallet).google|(login|signup|account|officeapps|api|mail|hotmail).live).com|(thumb8|thumb9|crewbase|crewus|shinchu|shinbhu|ultraten|uniqueten|topcryptoz|allcryptoz|coinsvalue|cookinguide|cryptowidgets|webfreetools|carstopia|makeupguide|carsmania|nflximg|doubleclick).net|(linksfly|shortsfly|urlsfly|wefly|blog24).me|(greasyfork|openuserjs|adarima|telegram|wikipedia).org|mcrypto.club|misterio.ro|insurancegold.in|coinscap.info|(shopee|lazada|rakuten|maybank).*|(dana|ovo|bca.co|bri.co|bni.co|bankmandiri.co|desa|(.*).go).id|(.*).edu|(.*).gov)(\/.*)/
 // @downloadURL https://codeberg.org/Amm0ni4/bypass-all-shortlinks-debloated/raw/branch/main/Bypass_All_Shortlinks.user.js
 // @updateURL https://codeberg.org/Amm0ni4/bypass-all-shortlinks-debloated/raw/branch/main/Bypass_All_Shortlinks.meta.js
@@ -2276,3 +2277,46 @@
 
 })();
 // ----- ----- -----
+
+// ----- Bypass mega-enlace ( Taken from AdGuard https://github.com/AdguardTeam/AdguardFilters/blob/b1622e8b387148509ca355e8070ffa5cdcf87525/SpanishFilter/sections/general_extensions.txt#L108 ) -----
+// used in: pelisenhd.org latinomegahd.net gatonplayseries.com peliculasgd.net tododvdfull.com
+(function() {
+    if (/mega-enlace.com/.test(window.location.href)) {
+        const window = unsafeWindow; //Added so it works in ViolentMonkey instead of AdGuard
+        const e = e => { // The e function: It sends a POST request to the link shortener's server and performs some string replacements to modify the form data and action URL. Finally, it sends another POST request with the modified form data to the action URL.
+                const o = new XMLHttpRequest;
+                o.open("POST", "/check.php", !0), o.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), o.send("a");
+                const t = atob(window.ext_site).replace(/[a-z]/gi, (e => String.fromCharCode(e.charCodeAt(0) + (e.toLowerCase() <= "m" ? 13 : -13))));
+                let n = e.replaceAll('\\"', '"');
+                n = n.replace("'+ api_key+ '", window.api_key), n = n.replace("'+ link_out+ \"", window.link_out), n = n.replace(/action="'\+ .*?\+ '"/, `action="${t}"`);
+                var a;
+                const i = (a = n, (new DOMParser).parseFromString(a, "text/html")).querySelector("form"),
+                    r = new FormData(i),
+                    c = new XMLHttpRequest;
+                c.open("POST", t, !0), c.send(r), window.tab2 = window, postMessage("_clicked_b", location.origin)
+            },
+            o = { // The o object: This object is a proxy that intercepts function calls. It checks if the function call includes the api_key parameter and performs additional modifications to the function's code. If the necessary conditions are met, it tries to bypass the link shortener by calling the e function.
+                apply: (o, t, n) => {
+                    if (n[1] && n[1].includes("api_key")) {
+                        const o = window.link_out,
+                            t = window.api_key,
+                            a = n[1].match(/window\.open\(.*?\(atob\(main_site\)\).*?("\/.*\.php\?.*=").*?("&.*?=").*?(api_key),"view"/),
+                            i = a[1].replaceAll('"', ""),
+                            r = a[2].replaceAll('"', ""),
+                            c = n[1].match(/<form target=[\s\S]*?<\/form>/)[0];
+                        if (n[1] = n[1].replace("window.location.href", "var nulled"), n[1] = n[1].replace("window.open(f", "location.assign(f"), n[1] = n[1].replace(/(parseInt\(c\.split\("-"\)\[0\]\)<= 0).*?(\)\{)/, "$1$2"), o && t && i && r && c) try {
+                            "loading" === document.readyState ? window.addEventListener("load", (() => {
+                                e(c)
+                            }), {
+                                once: !0
+                            }) : e(c)
+                        } catch (e) {
+                            console.debug(e)
+                        }
+                    }
+                    return Reflect.apply(o, t, n)
+                }
+            };
+        window.Function.prototype.constructor = new Proxy(window.Function.prototype.constructor, o)
+    }
+})();

README.md

@@ -43,4 +43,5 @@ Thanks to:
 - [antiworkink](https://greasyfork.org/users/1237543-antiworkink) for the loot-link open source bypass.
 - [Ad-Bypass](https://adbypass.eu/) Redirecting to this site for ad-maven links.
 - [Rust1667](https://greasyfork.org/users/980489-rust1667) for some bypasses.
+- [AdGuard filters](https://github.com/AdguardTeam/AdguardFilters/) for some bypasses.
 

extra_bypasses/mega-enlace.user.js

@@ -0,0 +1,49 @@
+// ==UserScript==
+// @name        mega-enlace bypass
+// @include     /mega-enlace.com/
+// @grant          GM_xmlhttpRequest
+// @run-at      document-start
+// ==/UserScript==
+
+// ----- Bypass mega-enlace ( Taken from AdGuard https://github.com/AdguardTeam/AdguardFilters/blob/b1622e8b387148509ca355e8070ffa5cdcf87525/SpanishFilter/sections/general_extensions.txt#L108 ) -----
+// used in: pelisenhd.org latinomegahd.net gatonplayseries.com peliculasgd.net tododvdfull.com
+(function() {
+    if (/mega-enlace.com/.test(window.location.href)) {
+        const window = unsafeWindow; //Added so it works in ViolentMonkey instead of AdGuard
+        const e = e => { // The e function: It sends a POST request to the link shortener's server and performs some string replacements to modify the form data and action URL. Finally, it sends another POST request with the modified form data to the action URL.
+                const o = new XMLHttpRequest;
+                o.open("POST", "/check.php", !0), o.setRequestHeader("Content-type", "application/x-www-form-urlencoded"), o.send("a");
+                const t = atob(window.ext_site).replace(/[a-z]/gi, (e => String.fromCharCode(e.charCodeAt(0) + (e.toLowerCase() <= "m" ? 13 : -13))));
+                let n = e.replaceAll('\\"', '"');
+                n = n.replace("'+ api_key+ '", window.api_key), n = n.replace("'+ link_out+ \"", window.link_out), n = n.replace(/action="'\+ .*?\+ '"/, `action="${t}"`);
+                var a;
+                const i = (a = n, (new DOMParser).parseFromString(a, "text/html")).querySelector("form"),
+                    r = new FormData(i),
+                    c = new XMLHttpRequest;
+                c.open("POST", t, !0), c.send(r), window.tab2 = window, postMessage("_clicked_b", location.origin)
+            },
+            o = { // The o object: This object is a proxy that intercepts function calls. It checks if the function call includes the api_key parameter and performs additional modifications to the function's code. If the necessary conditions are met, it tries to bypass the link shortener by calling the e function.
+                apply: (o, t, n) => {
+                    if (n[1] && n[1].includes("api_key")) {
+                        const o = window.link_out,
+                            t = window.api_key,
+                            a = n[1].match(/window\.open\(.*?\(atob\(main_site\)\).*?("\/.*\.php\?.*=").*?("&.*?=").*?(api_key),"view"/),
+                            i = a[1].replaceAll('"', ""),
+                            r = a[2].replaceAll('"', ""),
+                            c = n[1].match(/<form target=[\s\S]*?<\/form>/)[0];
+                        if (n[1] = n[1].replace("window.location.href", "var nulled"), n[1] = n[1].replace("window.open(f", "location.assign(f"), n[1] = n[1].replace(/(parseInt\(c\.split\("-"\)\[0\]\)<= 0).*?(\)\{)/, "$1$2"), o && t && i && r && c) try {
+                            "loading" === document.readyState ? window.addEventListener("load", (() => {
+                                e(c)
+                            }), {
+                                once: !0
+                            }) : e(c)
+                        } catch (e) {
+                            console.debug(e)
+                        }
+                    }
+                    return Reflect.apply(o, t, n)
+                }
+            };
+        window.Function.prototype.constructor = new Proxy(window.Function.prototype.constructor, o)
+    }
+})();

supported_sites.txt

@@ -723,3 +723,4 @@ r1.foxylinks.site
 /(adclicker.(io|info)|(discoveryultrasecure|yourihollier).com)\/url\/\#/
 /tiktokcounter.net/
 /(loot-link.com|loot-links.com|lootlink.org|lootlinks.co|lootdest.(info|org|com)|links-loot.com|linksloot.net)\/s\?.*$/
+/mega-enlace.com/